package com.huitone.gddw.interceptors;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.huitone.gddw.dao.entity.Users;
import com.huitone.gddw.service.IApiKeyService;

/**
 * 登陆拦截器
 * @author wuluodan
 *
 */
public class LoginInterceptor implements HandlerInterceptor {

	@Autowired
    private StringRedisTemplate stringRedisTemplate;
	
	@Autowired
	private IApiKeyService apiKeyService;
	
	
	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {
		// 获取请求的 URL  
        String url = request.getRequestURI();
        
        if(request.getHeader("api-key")!=null&&!"".equals(request.getHeader("api-key"))&&apiKeyService.selectApiKeyByDesc("outter_api").getApiKey().equals(request.getHeader("api-key"))){
        	return true;
        }
        
        // 获取 Session  
        HttpSession session = request.getSession();
        
        Object userId = session.getAttribute("userId");
        if (null == userId) {
        	session.invalidate();
        	response.sendRedirect(request.getContextPath() + "/login.html");
        	return false;
        }
        if (!session.getId().equals(stringRedisTemplate.opsForValue().get(userId))) {
        	session.invalidate();
        	response.sendRedirect(request.getContextPath() + "/login.html");
        	return false;
        }
        
        // 获取用户信息
        Users curLoginUser = session.getAttribute("curLoginUser") == null ? null : (Users)session.getAttribute("curLoginUser");
          
        if (curLoginUser != null) {
        	return true;  
        }
        
       
        
        // 如果是 ajax 请求响应头会有 x-requested-with
//        if (request.getHeader("x-requested-with") != null && request.getHeader("x-requested-with").equalsIgnoreCase("XMLHttpRequest")) {
//        	response.setCharacterEncoding("UTF-8");
//            response.setContentType("text/html");
//            response.setDateHeader("Expires", 0);
//            response.setHeader("sessionstatus", "noAuth");
//        } else { // 不符合条件的，跳转到登录界面
//        	response.sendRedirect(request.getContextPath() + "/login.html");
//        }
        // request.getRequestDispatcher(request.getContextPath() + "/login.html").forward(request, response);
        session.invalidate();
        response.sendRedirect(request.getContextPath() + "/login.html");
        return false;
	}

	@Override
	public void postHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
		
	}

	@Override
	public void afterCompletion(HttpServletRequest request,
			HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
		
	}

}
